Enables secure API key management through environment variables, supporting configuration of the Shodan API key and other server settings.
Hosts the repository for the Shodan MCP Server, allowing users to clone the project for installation.
Provides the runtime environment for the MCP server, with version 14 or higher required to run the Shodan integration.
Used for package management and dependency installation, with version 6 or higher required for the Shodan MCP server.
Shodan MCP Server
A Model Context Protocol (MCP) server that provides access to Shodan's internet scanning capabilities through a standardized interface.
Overview
This server implements the Model Context Protocol to expose Shodan's powerful internet scanning and reconnaissance capabilities. It provides a standardized interface for querying Shodan's database of internet-connected devices, services, and vulnerabilities.
Features
- Search Capabilities: Query Shodan's database using advanced search filters
- DNS Lookup: Resolve domain names and get detailed DNS information
- CVE Information: Get detailed information about Common Vulnerabilities and Exposures
- Get Vulnerabilities: Get detailed infor Vulnerabilities related to an IP address
- Standardized Interface: Uses MCP protocol for consistent communication
- Environment Variable Support: Secure API key management through environment variables
Prerequisites
- Node.js (v14 or higher)
- npm (v6 or higher)
- Shodan API key
Installation
- Clone the repository:
- Install dependencies:
- Create a
.env.local
file in the root directory and add your Shodan API key:
Usage
Starting the Server
- Build the server:
- Start the server:
Available Tools
- Search Tool
- Query: Search for devices and services using Shodan's search syntax
- Example:
log4j country:US city:Atlanta
- Returns: List of matching devices with detailed information
- DNS Lookup Tool
- Query: Domain name to resolve
- Example:
example.com
- Returns: DNS records and related information
- CVE Info Tool
- Query: CVE identifier
- Example:
CVE-2021-44228
- Returns: Detailed vulnerability information
Example Queries
Using the MCP Inspector
You can use the MCP inspector to interact with the server directly:
- Install the MCP inspector:
- Run the inspector with your server:
The inspector provides an interactive interface to:
- Test all available tools
- View tool documentation
- Debug server responses
- Monitor server status
Environment Variables
SHODAN_API_KEY
: Your Shodan API key (required)PORT
: Server port (optional, defaults to 3000)LOG_LEVEL
: Logging level (optional, defaults to 'info')
Error Handling
The server implements comprehensive error handling for:
- Invalid API keys
- Rate limiting
- Network issues
- Invalid queries
- Server errors
Security Considerations
- API Key Protection:
- Never commit API keys to version control
- Use environment variables for sensitive data
- Rotate API keys regularly
- Rate Limiting:
- Respect Shodan's API rate limits
- Implement client-side rate limiting
- Data Privacy:
- Filter sensitive information from responses
- Implement access controls as needed
License
This project is licensed under the MIT License - see the LICENSE file for details.
Acknowledgments
- Shodan for providing the API
- Model Context Protocol team for the MCP specification
This server cannot be installed
remote-capable server
The server can be hosted and run remotely because it primarily relies on remote services or has no dependency on the local environment.
This is a Model Context Protocol (MCP) server that provides access to the Shodan API. It allows you to programmatically query Shodan for information about devices, vulnerabilities, and more.
Related MCP Servers
- -securityAlicense-qualityMCP server for querying the Shodan API and Shodan CVEDB. This server provides tools for IP lookups, device searches, DNS lookups, vulnerability queries, CPE lookups, and more.Last updated -766318JavaScriptMIT License
- AsecurityAlicenseAqualityA Model Context Protocol (MCP) server that provides tools for searching and fetching information from Hacker News.Last updated -46PythonMIT License
- -securityFlicense-qualityA Model Context Protocol server that provides access to Shodan and VirusTotal APIs for cybersecurity analysis, enabling analysts to perform network intelligence operations including host lookups, vulnerability analysis, and threat intelligence gathering.Last updated -1TypeScript
- AsecurityAlicenseAqualityProvides access to Shodan API functionality, enabling AI assistants to query information about internet-connected devices for cybersecurity research and threat intelligence.Last updated -51JavaScriptMIT License